Zenoss and the Art of Network Monitoring

At this point, we can use the dashboard to monitor the managed devices,
but we will be notified only if we visit the site. It would be much more
helpful if we could receive alerts via e-mail. To set up e-mail alerting,
we need to create a separate user account, as alerts do not work under
the admin account. Click on the Setting link under the Management
navigation section. Using the drop-down arrow on the menu, select Add
User. Enter a user name and e-mail address when prompted. Click on the
new user in the list to edit its properties. Enter a password for the
new account, and assign a role of Manager. Click Save at the bottom of
the page. Log out of Zenoss, and log back in with the new account. Bring
the settings page back up, and enter your SMTP server information. After
setting up SMTP, we need to create an Alerting Rule for our new user.
Click on the Users tab, and click on the account just created in the
list. From the resulting page, click on the Edit tab and enter the e-mail
address to which you want alerts sent. Now, go to the Alerting Rules tab and
create a new rule using the drop-down arrow. On the edit tab of the new
Alerting Rule, change the Action to email, Enabled to True, and change
the Severity formula to >= Warning (Figure 4). Click Save.

Figure 4. Creating an Alert Rule

The above rule sends alerts when any Production server experiences an
event rated Warning or higher (Figure 5). Using a filter, you can create any
number of rules and have them apply only to specific devices or groups of
devices. If you want to limit your alerts by time to working hours, for
example, use the Schedule tab on the Alerting Rule to define a window. If
no schedule is specified (the default), the rule runs all the time. In our
rule, only one user will be notified. You also can create groups of users
from the Settings page, so that multiple people are alerted, or you could
use a group e-mail address in your user properties.

Figure 5. Zenoss alerts are sent fresh to your mailbox.

Services and Processes

We can expand our view of the test systems by adding a process and a
service for Zenoss to monitor. When we refer to a process in Zenoss,
we mean an active program, usually a dæmon, running on a managed
device. Zenoss uses regular expressions to monitor processes.

To monitor Postfix on the mail server, first, let's define it as a
process. Navigate to the Processes page under the Classes section of
the navigation menu. Use the drop-down arrow next to OS Processes, and
click Add Process. Enter Postfix as the process ID. When you return
to the previous page, click on the link to the new process. On the edit
tab of the process, enter master in the Regex field. Click
Save before navigating away. Go to the zProperties tab of the process, and
make sure the zMonitor field is set to True. Click Save again. Navigate
back to the mail server from the dashboard, and on the OS tab, use the
topmost menu's drop-down arrow to select Add→Add OSProcess. After the
process has been added, we will be alerted if the Postfix process degrades
or fails. While still on the OS tab of the server, place a check mark
next to the new Postifx process, and from the OS Processes drop-down menu,
select Lock OSProcess. On the next set of options, select Lock from
deletion. This protects the process from being overwritten if Zenoss
remodels the server.

Services in Zenoss are defined by active network ports instead of running
dæmons. There are a plethora of services built in to the software, and
you can define your own if you want to. The built-in services are broken
down into two categories: IPServices and WinServices. IPservices use
any port from 1-65535 and include common network apps/protocols, such as SMTP
(Port 25), DNS (53) and HTTP (80). WinServices are intended for specific
use with Windows servers (Figure 6).

Figure 6. Zenoss comes with a plethora of predefined Windows services to
monitor.

Adding a service is much simpler than adding a process, because there are so
many predefined in Zenoss. To monitor the HTTP service on our Web server,
navigate to the server from the dashboard. Use the main menu's drop-down
arrow on the server's OS tab arrow, and select Add→Add IPService. Type
HTTP in the Service Class Field. Notice that the field begins to prefill
with matches as you type the letters. Select TCP as the protocol, and click
OK. Click Save on the resulting page. As with the OSProcess procedure,
return to the OS tab of the server and lock the new IPService. Zenoss
is now monitoring HTTP availability on the server (Figure 7).

Hi, I'm Ty Hahn and one of the biggest fan of LJ.
I really enjoyed this article. While reading, I found a tiny mistake and that's why I'm here.
On page 73, the SNMP configuration file for Ubuntu to change must be '/etc/default/snmpd' instead of '/etc/snmp/default'.
I hope this helps to save somebody's precious time.
Thanks.